[Add] draft-stark-add-dns-forwarder-analysis

Chris Box <chris.box.ietf@gmail.com> Wed, 16 June 2021 17:29 UTC

All,

As you know, the WG's recent progress has been mainly on DDR and DNR.
Barbara has spent some time considering what these drafts would mean for
typical residential deployments. The results can be found in the new I-D
draft-stark-add-dns-forwarder-analysis-00
<https://datatracker.ietf.org/doc/draft-stark-add-dns-forwarder-analysis/>.

   This draft analyzes the behaviors that residential end users and home
   network owners (e.g., parents of young children) might experience
   when operating systems and clients support [I-D.ietf-add-ddr] and/or
   [I-D.ietf-add-dnr] for discovery of encrypted DNS services and the CE
   router of the home network offers itself as the Do53 resolver.  This
   use case is explicitly mentioned in [I-D.ietf-add-requirements]
   Section 3.2 and has several requirements related to it.  This draft
   has two goals: determine if the analysis it provides is accurate and,
   if it is accurate, determine if the behavior is acceptable to the WG
   or if there should be changes to either of the discovery mechanisms.

The main content can be found in these sections:

   3.  Background
   4.  Scenario Analysis
     4.1.  Scenario 1: No changes to CE router
     4.2.  Scenario 2: CE router updated to provide DNR in DHCP/RA
     4.3.  Scenario 3: CE router updated to support opportunistic
           encryption to its DNS forwarder
   5.  Conclusions
   6.  Questions for the WG
   7.  Security Considerations

We *think* the conclusions are valid for both ddr-01, and ddr-01 with PR#11.

But the purpose of writing this draft is to get your opinion. Are we wrong?
If so, in which way?

Or if we are not wrong, the final question is to ask you if you are happy
with that end result.

Please have a look and let us know.
Chris